A severe vulnerability, CVE-2018-1270, was found recently in the spring framework. We cannot continue to run products/applications that are affected by this vulnerability.
Are any CA PAM versions affected by Pivotal Spring Framework Vulnerability CVE-2018-1270?
The answer applies to all PAM releases currently generally available. The latest release at the time of writing is 3.2.
All currently available CA PAM releases are NOT affected by this vulnerability.